Compliance engineered with the cloud in mind. SilverDoor maintains a set of compliance certifications and attestations to validate our technology and operations.
The ISO 27001 standard provides a framework for businesses seeking to establish, implement, maintain and continually improve an Information Security Management System (ISMS). With an ISMS, businesses can secure their sensitive information through a risk management process that combines people, processes and IT systems.
SilverDoor conforms to the standards developed by United Kingdom Accreditation Service (UKAS) and audited externally by the British Assessment Bureau (BAB). SilverDoor's ISO 27001 certification applies to all of our technology platforms across all locations. Our ISO 27001 certificate number is 220823
The ISO 9001 standard provides guidance for businesses that want to consistently meet and exceed customer requirements and regulatory requirements. It’s based on a number of quality management principles, including a strong product, operational and customer focus, to help ensure that customers receive consistently high-quality products and services.
SilverDoor conforms to the standards developed by United Kingdom Accreditation Service (UKAS) and audited externally by the British Assessment Bureau (BAB). SilverDoor's ISO 9001 certification applies to our entire Business Management System (BMS). Our ISO 9001 certificate number is 220777
The General Data Protection Regulation (GDPR) is a comprehensive European privacy law that took effect on May 25, 2018.
SilverDoor fully comply with this regulation and have implemented all controls and processes outlined in the framework such as, having expanded data privacy rights for individuals, a detailed data breach notification mechanism with enhanced security for data processing, transmission and storing.
The UK Cyber Essentials scheme was developed as part of the UK's National Cyber Security Programme and is backed by the UK industry, including the Federation of Small Businesses and the CBI. SilverDoor is credited by the certification body CREST, which has included an independent CREST security assessor thoroughly testing our cybersecurity controls and computing resources as per the outlined security criteria of the scheme.
The Payment Card Industry Data Security Standards (PCI DSS) is an information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. SilverDoor has implemented rigorous data security standards to ensure that its customer's credit card information remains safe and secure. Our processes have been vetted by Security Metrics, who have also carried out vulnerability scanning of our systems.
We maintain a DR plan that supports a robust business continuity strategy for our production technology services. Our plan has been developed from industry-accepted methodologies and encompasses principles of high-availability engineering. The DR plan is constantly measured against strict regulatory and governance requirements.
SilverDoor has attestation of penetration tests and security assessments performed by third parties. We do not provide details of any findings here. Findings can be made available on special request by emailing us. As verified by external audits, vulnerabilities discovered during testing are tracked and resolved in accordance with corporate policy and industry best practices.
On July 16, 2020, Europe’s highest court (the CJEU) invalidated the EU-US Privacy Shield framework as an appropriate mechanism for transferring EU personal data to the United States, which SilverDoor Apartments had previously been relying on.
We are continuing to monitor the situation closely as the United States and European authorities work to negotiate a replacement regime for transcontinental transfers and as European authorities consider practical guidance for companies previously relying on the framework. We may update this page at any time if additional guidance is offered. For the time being, SilverDoor Apartments will also continue to protect EEA, UK and Swiss data in compliance with the Privacy Shield principle to which we continue to self-certify compliance.